Regarding the issue, the simple broker does not have any special semantics for /topic (pub-sub) vs /queue (point-to-point) as message brokers do. Those are mere conventions that mimic the semantics, but there is nothing to enforce them. Along the same lines for user destinations, it's merely a convention that allows a user to subscribe to a unique queue and then another user to send messages targeting the user's queue. We don't actively enforce that no other user can receive those messages.
Spring Security provides support for authorizing incoming messages so you can do things like allow subscriptions to /user/*, or disallow subscriptions to /queue/*. You can also install your own interceptor but Spring Security will give you more complete support.
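One way to express the authorization rules described above (allow subscriptions to the user destination, deny direct subscriptions to /queue/*, default-deny everything else) with Spring Security's messaging support. This is an added example, not code from the original thread; it assumes Spring Security 6.x with spring-security-messaging on the classpath, a STOMP endpoint already configured, and an application destination prefix of `/app` (the prefix and class name are assumptions).

```java
// Added example, not from the original thread. Assumes Spring Security 6.x,
// spring-security-messaging on the classpath, an existing STOMP/WebSocket broker
// configuration, and "/app" as the application destination prefix (assumed).
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.Message;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.config.annotation.web.socket.EnableWebSocketSecurity;
import org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager;

@Configuration
@EnableWebSocketSecurity // installs the inbound ChannelInterceptor that enforces the rules below
public class WebSocketSecurityConfig {

    @Bean
    AuthorizationManager<Message<?>> messageAuthorizationManager(
            MessageMatcherDelegatingAuthorizationManager.Builder messages) {
        // Rules are evaluated in order; the first matching rule decides.
        return messages
            // Frames without a destination (CONNECT, HEARTBEAT, UNSUBSCRIBE, DISCONNECT)
            // carry no payload to protect, but still require an authenticated session.
            .nullDestMatcher().authenticated()
            // Allow each authenticated client to subscribe to its own user destination.
            // The interceptor runs on the client inbound channel, so it sees the
            // "/user/..." prefix before it is rewritten to a per-session broker queue.
            .simpSubscribeDestMatchers("/user/**").authenticated()
            // The simple broker does not enforce point-to-point semantics on /queue/*,
            // so deny direct subscriptions to it outright.
            .simpSubscribeDestMatchers("/queue/**").denyAll()
            // Broadcast topics may be subscribed to by any authenticated client.
            .simpSubscribeDestMatchers("/topic/**").authenticated()
            // Clients may only SEND to application destinations handled by @MessageMapping,
            // never straight to the broker.
            .simpDestMatchers("/app/**").authenticated()
            // Anything not matched above is rejected (default deny).
            .anyMessage().denyAll()
            .build();
    }
}
```

A denied frame results in an ERROR frame to the client and the message is never forwarded to the broker, so clients that try to bypass the conventions by subscribing to /queue/* directly are stopped at the inbound channel.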